CVE-2008-1726

2008-04-11T15:05:00
ID CVE-2008-1726
Type cve
Reporter NVD
Modified 2017-09-28T21:30:50

Description

Multiple SQL injection vulnerabilities in KnowledgeQuest 2.6, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) kqid parameter to (a) articletext.php and (b) articletextonly.php and the (2) username parameter to (c) logincheck.php.